Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-0001HistoryJan 29, 2010 - 6:30 p.m.
CVE-2010-0001
2010-01-2918:30:00
Debian Security Bug Tracker
security-tracker.debian.org
23
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.061
Percentile
93.6%
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | busybox | < 1:1.35.0-4 | busybox_1:1.35.0-4_all.deb |
| Debian | 11 | all | busybox | < 1:1.30.1-6 | busybox_1:1.30.1-6_all.deb |
| Debian | 999 | all | busybox | < 1:1.36.1-9 | busybox_1:1.36.1-9_all.deb |
| Debian | 13 | all | busybox | < 1:1.36.1-9 | busybox_1:1.36.1-9_all.deb |
| Debian | 12 | all | gzip | < 1.3.12-9 | gzip_1.3.12-9_all.deb |
| Debian | 11 | all | gzip | < 1.3.12-9 | gzip_1.3.12-9_all.deb |
| Debian | 999 | all | gzip | < 1.3.12-9 | gzip_1.3.12-9_all.deb |
| Debian | 13 | all | gzip | < 1.3.12-9 | gzip_1.3.12-9_all.deb |
| Debian | 12 | all | klibc | < 2.0.12-1 | klibc_2.0.12-1_all.deb |
| Debian | 11 | all | klibc | < 2.0.8-6.1 | klibc_2.0.8-6.1_all.deb |
Related
openvas
openvas
CentOS Update for gzip CESA-2010:0061 centos5 i386
2011-08-09 00:00:00
CentOS Update for gzip CESA-2010:0061 centos5 i386
2011-08-09 00:00:00
Debian: Security Advisory (DSA-2074-1)
2010-08-21 00:00:00
nessus
nessus
Oracle Linux 3 / 4 / 5 : gzip (ELSA-2010-0061)
2013-07-12 00:00:00
Scientific Linux Security Update : gzip on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 3 / 4 / 5 : gzip (RHSA-2010:0061)
2010-01-21 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:019 ] gzip
2010-01-21 00:00:00
gzip integer overflow
2010-01-21 00:00:00
cvelist
cvelist
CVE-2010-0001
2010-01-29 18:00:00
oraclelinux
oraclelinux
gzip security update
2010-01-20 00:00:00
ubuntucve
ubuntucve
CVE-2010-0001
2010-01-20 00:00:00
prion
prion
Integer overflow
2010-01-29 18:30:00
altlinux
altlinux
Security fix for the ALT Linux 9 package gzip version 1.3.5-alt6
2010-01-13 00:00:00
Security fix for the ALT Linux 5 package gzip version 1.3.5-alt6
2010-01-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:39:43
debian
debian
[SECURITY] [DSA 1974-1] New gzip packages fix arbitrary code execution
2010-01-20 14:16:48
centos
centos
gzip security update
2010-01-20 17:49:37
cve
cve
CVE-2010-0001
2010-01-29 18:30:00
nvd
nvd
CVE-2010-0001
2010-01-29 18:30:00
slackware
slackware
[slackware-security] gzip
2010-03-02 03:33:10
redhat
redhat
(RHSA-2010:0061) Moderate: gzip security update
2010-01-20 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: gzip-1.3.12-10.fc11
2010-02-01 01:04:06
[SECURITY] Fedora 12 Update: gzip-1.3.12-14.fc12
2010-02-01 01:03:15
ibm
ibm
ubuntu
ubuntu
gzip vulnerabilities
2010-01-20 00:00:00
osv
osv
gzip - arbitrary code execution
2010-01-20 00:00:00
suse
suse
remote code execution in acroread
2010-01-26 16:40:23
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.061
Percentile
93.6%
Related for DEBIANCVE:CVE-2010-0001